my server was cracked; now what?
Dave Cramer
davec-zxk95TxsVYDyHADnj0MGvQC/G2K4zDHf at public.gmane.org
Tue Jul 18 15:54:43 UTC 2006
Aaron,
Sorry to be so harsh, but reality bites. As long as you are
rebuilding here's some constructive advice
only allow ssh login
do not allow root to ssh in
do not allow su remotely
only allow sudo
do not allow passwords remotely, use public keys
further restrict what sudo can do
Dave
On 18-Jul-06, at 11:33 AM, Aaron Vegh wrote:
>> If I were
>> you're hosting company I'd pull the plug on the machine.
>
> I'm glad you're not my hosting company! :-)
>
> Like I said earlier, I've got an admin request in to reformat the
> drive and upgrade the OS at the same time. I agree with the dire
> threats uttered in this thread, unpleasant though they are to hear
> them. The thought that I can't trust the output of netstat or anything
> else is really scary...
>
> Cheers,
> Aaron.
> --
> The Toronto Linux Users Group. Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
>
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list